US20150163674A1 - Method for Selectively Exposing Subscriber Data - Google Patents

Method for Selectively Exposing Subscriber Data Download PDF

Info

Publication number
US20150163674A1
US20150163674A1 US14/628,782 US201514628782A US2015163674A1 US 20150163674 A1 US20150163674 A1 US 20150163674A1 US 201514628782 A US201514628782 A US 201514628782A US 2015163674 A1 US2015163674 A1 US 2015163674A1
Authority
US
United States
Prior art keywords
subscriber data
subscriber
confidence level
opt
party requestor
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US14/628,782
Inventor
Alok Sharma
Yigang Cai
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Alcatel Lucent SAS
Nokia of America Corp
Original Assignee
Alcatel Lucent SAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Alcatel Lucent SAS filed Critical Alcatel Lucent SAS
Priority to US14/628,782 priority Critical patent/US20150163674A1/en
Assigned to ALCATEL-LUCENT USA INC. reassignment ALCATEL-LUCENT USA INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CAI, YIGANG, SHARMA, ALOK
Publication of US20150163674A1 publication Critical patent/US20150163674A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/084Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data

Definitions

  • the present disclosure relates to selectively exposing subscriber data maintained by a telecommunications service provider to third parties.
  • Telecommunications service providers are currently looking for solutions that enable the monetization of their network assets beyond traditional models such as long-distance and toll-free calling services. For example, service providers can turn the vast amounts of data they have about their subscribers into valuable “contextual” information for third-parties. However, this subscriber contextual data is often not readily accessible to third-parties, and is not typically exposed in a manner that is both efficient and secure.
  • Methods, systems and articles of manufacture for selectively exposing subscriber data may be implemented by maintaining subscriber data at a digital data storage, wherein the digital data storage is protected by a service provider firewall.
  • a request to expose subscriber data from a third-party requestor is received via an application programming interface.
  • Selected subscriber data and a security condition associated with the request are determined.
  • the security condition is based on an identity of the third-party requestor.
  • the selected subscriber data is retrieved if the security condition is satisfied, and the selected subscriber data is transmitted to the third-party requestor.
  • selectively exposing subscriber data may be implemented by determining whether a subscriber opt-in rule is associated with the selected subscriber data.
  • the selected subscriber data is retrieved if the subscriber opt-in rule is satisfied.
  • the subscriber opt-in rule may be satisfied based on a subscriber opt-in response, such as a voice or text message response.
  • a time-limit may be imposed for receiving the subscriber opt-in response.
  • selectively exposing subscriber data may be implemented by updating the subscriber opt-in rule based on the subscriber opt-in response.
  • a new subscriber opt-in rule may be generated based on the subscriber opt-in response.
  • selectively exposing subscriber data may be implemented by maintaining the subscriber data in a cache memory.
  • the selected subscriber data may include at least one of subscriber profile, device property or location data.
  • FIG. 1 illustrates a system for selectively exposing subscriber data maintained by a telecommunications service provider according to an embodiment
  • FIG. 2 is a component diagram illustrating a subscriber data exposure platform according to an embodiment
  • FIG. 3 is a component diagram illustrating a subscriber data exposure platform according to an embodiment
  • FIG. 4 is a flowchart illustrating the operation of the subscriber data exposure platform according to an embodiment
  • FIG. 5 is a chart illustrating API functions according to an embodiment
  • FIG. 6 is a call-flow chart for accessing subscriber profile attributes according to an embodiment
  • FIG. 7 is a call-flow chart for a voice call with no subscriber opt-in according to an embodiment
  • FIG. 8 is a call-flow chart for an SMS message subscriber opt-in according to an embodiment
  • FIG. 9 is a call-flow chart for an SMS message subscriber opt-in according to another embodiment.
  • FIG. 10 is a call-flow chart for a voice call with subscriber opt-in according top an embodiment
  • FIG. 11 is a call-flow chart for a portal opt-in according to an embodiment
  • FIG. 12 is a call-flow chart illustrating a service provider request update opt-in according to an embodiment.
  • FIG. 13 is a high-level block diagram of an exemplary computer that may be used for implementing a subscriber data exposure platform.
  • Subscriber data maintained by telecommunications service providers may be selectively exposed to third-parties for improving customer-service applications (e.g., network-based call handling, and mobile payments), enabling customer-service applications and other uses.
  • customer-service applications e.g., network-based call handling, and mobile payments
  • customer-service applications may be web-based applications (e.g., browsers and social networks).
  • FIG. 1 illustrates an environment for selectively exposing subscriber data maintained by a telecommunications service provider according to an embodiment.
  • a telecommunications service provider 102 receives and maintains subscriber data 104 , such as user profile, device capability or location data.
  • subscriber data 104 such as user profile, device capability or location data.
  • a service provider 102 may wish to selectively expose the subscriber data it maintains to its customers 106 (e.g., third-party enterprises, Web-based applications).
  • the subscriber data may help customers 106 to improve their own customer service, such as by making call center operations more secure and efficient (e.g., through shorter customer interaction times, customized video streams and text messaging, improved call routing and enhanced privacy).
  • FIG. 2 is a component diagram illustrating a subscriber data exposure platform according to an embodiment.
  • the subscriber data exposure platform 200 manages the exposure of subscriber data to third-party (e.g., customer) applications 202 .
  • the platform 200 includes a subscriber data management element 204 and an opt-in management element 206 .
  • the platform 200 includes one or more APIs 208 for interfacing with third-party applications 202 .
  • the subscriber data management element 204 may store and retrieve subscriber data from one or more subscriber databases, such as a subscriber database 212 protected by a service provider firewall at a telecommunications service provider 102 .
  • the subscriber data management element 204 may also update the subscriber data in a subscriber database 212 based on periodic or push-based notifications from a service provider 102 .
  • the subscriber data management element 204 selectively exposes subscriber data to customers 106 in response to requests received via the APIs 208 .
  • the subscriber data management element 204 may employ a variety of security algorithms to selectively expose subscriber data. For example, the subscriber data management element 204 may require a subscriber 104 to affirmatively opt-in for the exposure of sensitive subscriber data, while subscriber opt-in may not be required for the exposure of other less sensitive data.
  • the opt-in management element 206 may manage subscriber opt-in information, and may also initiate message-based or offline Web-based subscriber opt-in capabilities by contacting a subscriber 104 for opt-in permission and allowing the subscriber data to be exposed only if a subscriber opt-in rule is satisfied.
  • the selective exposure of subscriber data may also include subscriber authentication.
  • a confidence level score (e.g., 0 to 100%) may represent a confidence level that a subscriber (or other requesting entity) is who they claim to be.
  • the subscriber data management element 204 may determine a confidence level score for authenticating a subscriber 104 by accessing a voice call platform 214 that monitors biometric characteristics of the subscriber's voice (e.g., via a voice recognition algorithm), in combination with other factors, such as a device's current location. For example, if the device location is known to be the subscriber's home or work address, the confidence level score may increase.
  • the device shows recent unusual calling or location patterns this could lower the score, or prompt the subscriber data management element 204 to make one or more additional authentication requests, such as for a personal identification number (PIN), password or the like.
  • PIN personal identification number
  • a variety of techniques e.g., neural networks, advanced metrics and the like may be used to determine a confidence level score, or otherwise determine that a subscriber or other requesting entity is who they claim to be, for authentication purposes.
  • the platform 200 is described as comprising discrete elements performing discrete tasks. However, one skilled in the art will appreciate that the functions of one or more of the elements may be combined and/or performed by one or more consolidated elements, such as a processor in cooperation with memory. Further, a service provider 102 may wish to bundle the selective exposure of subscriber data with other services (e.g., legacy services such as toll-free and long distance applications). Therefore, it should be understood that one or more elements or functions of the platform 200 may be integrated into various elements or functions of a general application exposure platform 210 .
  • legacy services such as toll-free and long distance applications
  • FIG. 3 is a component diagram illustrating a subscriber data exposure platform according to an embodiment, wherein APIs 208 are exposed to a variety of third-party applications, such as enterprise applications 300 (e.g., call center platforms), mobile applications 302 , and Web-based browsers and social networks 305 .
  • enterprise applications 300 e.g., call center platforms
  • mobile applications 302 e.g., mobile applications
  • Web-based browsers and social networks 305 e.g., Facebook, Twitter, etc.
  • a mobile application 302 intercepts a call dialed from a mobile device 303 (e.g., a user equipment device such as a smart-phone) when subscriber opt-in is required before the call is connected.
  • a call directed to a customer 106 may be received at an API 208 , and the subscriber data management element 204 may direct the mobile application 302 to present a graphical user interface (GUI) prompt asking whether the dialing subscriber wishes to opt-in to share data with the customer 106 .
  • GUI graphical user interface
  • certain trusted Web-based providers may have a provider Web-based portal 304 for providing off-line customer services, such as authenticating subscribers.
  • the platform 200 may include a portal integration module 306 for interfacing with a provider Web-based portal 304 to access subscriber authentication, new subscriber enrollment, off-line subscriber opt-in management and other capabilities in lieu of performing such operations internally.
  • a provider Web-based portal 304 may be allowed to opt-in for data exposure on behalf of a subscriber.
  • the platform 200 may also include a cache memory 308 , such as for frequently exposed subscriber data that would typically be stored in the subscriber database 212 .
  • the cache memory 308 may be accessible for storing, pre-retrieving or reconstructing subscriber data 212 from one or more service providers 102 to avoid performance penalties during real-time data lookups. For example, new subscriber data and third-party application attributes may initially be stored in the cache memory 308 for increased speed and efficiency.
  • the cache memory 308 may be accessible for reconstructing the unavailable, restricted or missing subscriber data from available data (e.g., a home time-zone update may be reconstructed based on a subscriber's known address).
  • FIG. 4 is a flowchart illustrating the operation of the subscriber data exposure platform according to an embodiment.
  • the subscriber data management element 204 maintains subscriber data at a telecommunications service provider subscriber database protected by a service provider firewall, such as the subscriber database 212 .
  • the subscriber data management element 204 receives, via an application programming interface 208 , a request to expose subscriber data to a third-party requestor (e.g., an enterprise application 300 , mobile application 302 , or Web-based provider 305 ).
  • a third-party requestor e.g., an enterprise application 300 , mobile application 302 , or Web-based provider 305 .
  • the subscriber data management element 204 determines selected subscriber data and a security condition associated with the request, wherein the security condition is based on an identity of the third-party requestor.
  • the subscriber data management element 204 retrieves the selected subscriber data (from the telecommunications service provider subscriber database 212 or cache memory 308 ) if the security condition is satisfied, and transmits the selected subscriber data to the third-party requestor at 408 .
  • the subscriber data management element 204 may authenticate the third-party requestor to satisfy the security condition.
  • the platform 200 includes one or more APIs 208 interfacing with third-party applications 202 , and in the various embodiments, the APIs 208 may include any function that relates to subscriber data maintained by one or more service providers 102 .
  • FIG. 5 is a chart illustrating API functions according to an embodiment.
  • APIs 208 may include functions related to subscriber profile management (get/get all/create/modify/delete subscriber data), subscriber identification (authenticate voice or get authentication PIN), application management (create/get/update/delete application access, get all applications), device properties (get manufacturer/model/location), current call party attributes (secure caller ID, get confidence score/liveliness phrase/location, profile attributes (get current device user profile) or other features.
  • subscriber profile management get/get all/create/modify/delete subscriber data
  • subscriber identification authentication voice or get authentication PIN
  • application management create/get/update/delete application access, get all applications
  • device properties get manufacturer/model/location
  • current call party attributes
  • FIGS. 6-12 are call-flow charts illustrating various API requests, including API requests that may require subscriber opt-in according to the various embodiments.
  • FIG. 6 is a call-flow chart for accessing subscriber profile attributes according to an embodiment.
  • a subscriber calls an enterprise application 300 (e.g., an application running at a commercial bank) via a public exchange (PBX) network 600 .
  • the subscriber's call may be delivered to an agent, who may send a request for data associated with the calling subscriber to an API 208 at 602 .
  • the API 208 sends a “get profile attributes” request to the subscriber data management element 204 , which accesses the opt-in management element 206 to determine whether subscriber opt-in is required at 604 .
  • the subscriber data management element 204 determines and then retrieves the profile attributes from the cache memory 308 at 605 , and transmits the profile attributes back to the API 208 at 606 .
  • the profile attributes are then forwarded via the API 208 to the enterprise application 300 at 607 for a screen update including the profile attributes at 608 .
  • FIG. 7 is a call-flow chart for a voice call with no subscriber opt-in according to an embodiment.
  • an enterprise application 300 sends a request to an API 208 for subscriber data to create a user profile.
  • the request may contain identification information for the API 208 to validate the subscriber at 702 . If no subscriber with the specified identification is found (at 703 ), the API 208 may send a bad request indication to the enterprise application at 703 a. If the identification is valid, the API sends a “get profile” call to the subscriber data management element 204 at 704 . The subscriber data management element 204 may then determine if a user profile exists.
  • the API 208 creates a new guest user profile from a default user profile at 705 and sends a request to the subscriber data management element 204 to store the new profile in a database (e.g., cache memory 308 ) at 706 .
  • the API calls the subscriber data management element 204 to populate the opt-in rules for the user profile.
  • the API 208 may then call the subscriber data management element 204 to determine and retrieve attribute values for the guest profile at 708 (repeating the logic at 707 and 708 for each attribute in the user profile).
  • the API 208 sends the guest profile to the enterprise application 300 , and the enterprise application 300 displays the attributes (e.g., for a customer service call with the subscriber) at 710 .
  • FIG. 8 is a call-flow chart for an SMS message subscriber opt-in according to an embodiment.
  • a subscriber may call an enterprise, such as a bank, and the subscriber's call may be routed to a customer service agent running an enterprise application 300 .
  • the enterprise application 300 may display a document associated with the subscriber (e.g., a loan application) to assist in processing the call.
  • the document may then be populated based on subscriber data (billing address, language preference, etc.) retrieved from a service provider.
  • subscriber data billing address, language preference, etc.
  • the API 201 receives the request and calls the subscriber data management element 204 to get the billing address attribute at 802 .
  • the subscriber data management element 204 determines the selected subscriber data for fulfilling the request, it accesses the opt-in management element 206 to determine if subscriber opt-in is required for any of the attributes at 803 .
  • the opt-in management element 206 may respond by returning an opt-in list showing that one or more of the requested attributes require subscriber opt-in.
  • the subscriber data management element 204 may initially return an error message to the API 201 at 804 , informing the API 208 (and the enterprise application 300 ) that the requested data is not allowed to be displayed.
  • the enterprise application 300 may then send a request to obtain opt-in permission ( 805 ), and the API 208 may access the opt-in management element 206 to send an opt-in SMS message to the subscriber at 806 .
  • the subscriber may be presented with an SMS or WAP opt-in message request to allow or deny the sharing of a list of data with the requesting enterprise.
  • a customer service agent in communication with the subscriber may assist the subscriber with the opt-in process.
  • the opt-in management element 206 stores the subscriber's opt-in response at 810 and communicates the opt-in status to the API 208 at 811 . Then, the subscriber data management element 204 may be called to retrieve the subscriber data associated with the request at 812 , and transmit the data (via the API 208 ) to the enterprise application 300 at 813 . The customer service agent may then refresh a display to receive the updated subscriber data at 814 .
  • FIG. 9 is a call-flow chart for an SMS message subscriber opt-in according to another embodiment.
  • the API 208 sends an opt-in request (e.g., device ID, application ID, attributes, etc.) to the opt-in management element 206 .
  • opt-in management element 206 may register to receive incoming SMS notifications (e.g., SMS messages corresponding to its short code) related to the request.
  • the opt-in management element 206 may then create an SMS text request (e.g., “ ⁇ applicationId ⁇ wants to see your ⁇ attribute ⁇ . . .
  • the opt-in management element 206 receives notification from the subscriber data management element 204 (at 908 ) of the SMS message received at 909 .
  • the opt-in management element 206 may start a timer with a predetermined expiration when the SMS is sent at 903 a. The timer will either stop at 910 when a response is received from the subscriber, or will time out at 912 if a response is not received.
  • the opt-in management element 206 creates and records (e.g., in cache memory 308 ) an opt-in rule based on the SMS reply at 911 (if a response is received) or at 913 if the timer expires without a response.
  • an opt-in rule value set to “read” may expire, and an ‘at’ rule value may be set to the (current time) +a determined expiration interval.
  • a rule value set to “invisible” may expire, and the ‘at’ rule value may be set to the (current time) +determined expiration interval.
  • the reply is “never”, the rule value may be set to “invisible”, and the ‘at’ value may be set to “never”.
  • FIG. 10 is a call-flow chart for a voice call with subscriber opt-in according to an embodiment.
  • the subscriber data management element 204 retrieves subscriber data in response to a request that are not visible by default and require subscriber opt-in.
  • an enterprise application 300 sends a request for subscriber data (e.g., GET context/app-party-view/ ⁇ party Id ⁇ /attributes) to an API 208 , and the API 208 validates the subscriber at 1002 . For example, if the subscriber is determined to be invalid at 1003 , the API 208 may send a “ 401 bad request” response at 1003 a.
  • subscriber data e.g., GET context/app-party-view/ ⁇ party Id ⁇ /attributes
  • the API 208 calls the subscriber data management element 204 to determine if subscriber opt-in rules are associated with the request at 1004 (i.e., the subscriber data management element 204 retrieves the subscriber profile). If subscriber opt-in is required, the subscriber data management element 204 may access the opt-in management element 206 to execute an online opt-In process. For example, the API 208 may create a default profile at 1005 and call the subscriber data management element 204 to store the profile (without attribute values) at 1006 . The API 208 may then call the subscriber data management element 204 to populate the opt-in rules at 1007 and/or retrieve attribute values from a service provider at 1008 .
  • the opt-in management element 206 performs the opt-in process asynchronously. If the subscriber opts-in before the subscriber data management element 204 collects the opt-in attributes, the subscriber data management element 204 populates the response with a list of allowed attributes and their values and sends the response back to the enterprise application 300 (via the API 208 ) at 1009 . The enterprise application 300 may then display the allowed attributes at 1010 .
  • FIG. 11 is a call-flow chart for a portal opt-in according to an embodiment.
  • an API 208 receives a request from an enterprise application 300 for a user profile (e.g., GET . . . /context/devices/ ⁇ deviceId ⁇ /userProfiles . . . ).
  • the API 208 validates the subscriber. If no subscriber records match, a “ 401 bad Request” message is returned at 1103 .
  • the API 208 calls the subscriber data management element 204 to determine if a subscriber profile and/or device identification exists for the subscriber.
  • the API 208 may create a new guest profile from, for example, a default user profile at 1105 and call the subscriber data management element 204 to store the new profile at 1106 .
  • the API 208 may call the subscriber data management element 204 to collect visible profile attributes from a service provider.
  • the subscriber data management element 204 may populate a response payload (e.g., an XML document) with a new user profile including the visible attributes and send the profile ( 1108 ) in an HTTP response to the enterprise application 300 (via the API 208 ) for a service provider portal to display the profile at 1109 .
  • a response payload e.g., an XML document
  • the subscriber may then change various default parameters and send the changes to the API 208 at 1111 .
  • the API 208 may then call the subscriber data management element 204 to store the updated profile at 1112 and the existing rules will be evaluated based on the new attribute values at 1113 .
  • FIG. 12 is a call-flow chart illustrating a service provider request update opt-in according to an embodiment.
  • an enterprise application 300 sends a request to retrieve subscriber opt-in rules to an API 208 at 1201 .
  • the API 208 call the subscriber data management element 204 to retrieve the opt-in rules at 1202 and responds to the request at 1203 .
  • the enterprise application 300 may then display the rules at 1204 , which a subscriber may update as desired. If the rules are updated, an update request may be sent to an API 208 at 1205 which contains at least one updated opt-in rule.
  • the API 208 calls the subscriber data management element 204 to update the opt-in rule, and send an SMS notification of the update to the subscriber at 1207 .
  • the API 208 then informs the enterprise application 300 of the update at 1208 .
  • the steps 1205 - 1208 may be repeated for each updated rule.
  • Computer 1300 contains a processor 1310 , which controls the overall operation of the computer 1300 by executing computer program instructions which define such operation.
  • the computer program instructions may be stored in a storage device 1320 (e.g., magnetic disk) and loaded into memory 1330 when execution of the computer program instructions is desired.
  • processor-executable computer program instructions are implemented by the processor 1310 , one or more program code segments of the computer program instructions may combine with the processor 1310 to provide a unique device that operates analogously to specific logic circuits.
  • the computer 1300 may be defined by the computer program instructions stored in the memory 1330 and/or storage 1320 and controlled by the processor 1310 executing the computer program instructions.
  • the computer 1300 may include one or more network interfaces 1340 for communicating with other devices via a network for implementing the steps of the method of FIGS. 4 and 6 - 12 .
  • the computer 1300 may also include other input/output devices 1350 that enable user interaction with the computer 1300 (e.g., display, keyboard, mouse, speakers, buttons, etc.).
  • FIG. 13 is a high level representation of some of the components of such a computer for illustrative purposes.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

Methods, systems, and apparatuses for selectively exposing subscriber data include maintaining subscriber data at a digital data storage, wherein the digital data storage is protected by a service provider firewall. A request to expose subscriber data from a third-party requestor is received. Selected subscriber data and a security condition associated with the request are determined, wherein the security condition is based on an identity of the third-party requestor. The selected subscriber data is retrieved if the security condition is satisfied, and the selected subscriber data is transmitted to the third-party requestor.

Description

  • This application is a continuation of U.S. patent application Ser. No. 13/282,009, filed Oct. 26, 2011, the entire disclosure of which is incorporated by reference herein.
    • TECHNICAL FIELD
  • The present disclosure relates to selectively exposing subscriber data maintained by a telecommunications service provider to third parties.
    • BACKGROUND
  • Telecommunications service providers are currently looking for solutions that enable the monetization of their network assets beyond traditional models such as long-distance and toll-free calling services. For example, service providers can turn the vast amounts of data they have about their subscribers into valuable “contextual” information for third-parties. However, this subscriber contextual data is often not readily accessible to third-parties, and is not typically exposed in a manner that is both efficient and secure.
    • SUMMARY
  • Methods, systems and articles of manufacture for selectively exposing subscriber data may be implemented by maintaining subscriber data at a digital data storage, wherein the digital data storage is protected by a service provider firewall. A request to expose subscriber data from a third-party requestor is received via an application programming interface. Selected subscriber data and a security condition associated with the request are determined. The security condition is based on an identity of the third-party requestor. The selected subscriber data is retrieved if the security condition is satisfied, and the selected subscriber data is transmitted to the third-party requestor.
  • In accordance with an embodiment, selectively exposing subscriber data may be implemented by determining whether a subscriber opt-in rule is associated with the selected subscriber data. The selected subscriber data is retrieved if the subscriber opt-in rule is satisfied. The subscriber opt-in rule may be satisfied based on a subscriber opt-in response, such as a voice or text message response. A time-limit may be imposed for receiving the subscriber opt-in response.
  • In accordance with an embodiment, selectively exposing subscriber data may be implemented by updating the subscriber opt-in rule based on the subscriber opt-in response. A new subscriber opt-in rule may be generated based on the subscriber opt-in response.
  • In accordance with an embodiment, selectively exposing subscriber data may be implemented by maintaining the subscriber data in a cache memory. The selected subscriber data may include at least one of subscriber profile, device property or location data.
  • These and other advantages will be apparent to those of ordinary skill in the art by reference to the following detailed description and the accompanying drawings.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 illustrates a system for selectively exposing subscriber data maintained by a telecommunications service provider according to an embodiment;
  • FIG. 2 is a component diagram illustrating a subscriber data exposure platform according to an embodiment;
  • FIG. 3 is a component diagram illustrating a subscriber data exposure platform according to an embodiment;
  • FIG. 4 is a flowchart illustrating the operation of the subscriber data exposure platform according to an embodiment;
  • FIG. 5 is a chart illustrating API functions according to an embodiment;
  • FIG. 6 is a call-flow chart for accessing subscriber profile attributes according to an embodiment;
  • FIG. 7 is a call-flow chart for a voice call with no subscriber opt-in according to an embodiment;
  • FIG. 8 is a call-flow chart for an SMS message subscriber opt-in according to an embodiment;
  • FIG. 9 is a call-flow chart for an SMS message subscriber opt-in according to another embodiment;
  • FIG. 10 is a call-flow chart for a voice call with subscriber opt-in according top an embodiment;
  • FIG. 11 is a call-flow chart for a portal opt-in according to an embodiment;
  • FIG. 12 is a call-flow chart illustrating a service provider request update opt-in according to an embodiment; and
  • FIG. 13 is a high-level block diagram of an exemplary computer that may be used for implementing a subscriber data exposure platform.
    •  DETAILED DESCRIPTION
  • Subscriber data maintained by telecommunications service providers, including customer profile, device identity and customer authentication data may be selectively exposed to third-parties for improving customer-service applications (e.g., network-based call handling, and mobile payments), enabling customer-service applications and other uses. It should be appreciated that such applications may be web-based applications (e.g., browsers and social networks).
  • FIG. 1 illustrates an environment for selectively exposing subscriber data maintained by a telecommunications service provider according to an embodiment. Typically, a telecommunications service provider 102 (also referred to herein as a “service provider”) receives and maintains subscriber data 104, such as user profile, device capability or location data. In turn, a service provider 102 may wish to selectively expose the subscriber data it maintains to its customers 106 (e.g., third-party enterprises, Web-based applications). For example, the subscriber data may help customers 106 to improve their own customer service, such as by making call center operations more secure and efficient (e.g., through shorter customer interaction times, customized video streams and text messaging, improved call routing and enhanced privacy).
  • FIG. 2 is a component diagram illustrating a subscriber data exposure platform according to an embodiment. The subscriber data exposure platform 200 manages the exposure of subscriber data to third-party (e.g., customer) applications 202. In one embodiment, the platform 200 includes a subscriber data management element 204 and an opt-in management element 206. In addition, the platform 200 includes one or more APIs 208 for interfacing with third-party applications 202.
  • The subscriber data management element 204 may store and retrieve subscriber data from one or more subscriber databases, such as a subscriber database 212 protected by a service provider firewall at a telecommunications service provider 102. The subscriber data management element 204 may also update the subscriber data in a subscriber database 212 based on periodic or push-based notifications from a service provider 102.
  • The subscriber data management element 204 selectively exposes subscriber data to customers 106 in response to requests received via the APIs 208. As described in further detail below, the subscriber data management element 204 may employ a variety of security algorithms to selectively expose subscriber data. For example, the subscriber data management element 204 may require a subscriber 104 to affirmatively opt-in for the exposure of sensitive subscriber data, while subscriber opt-in may not be required for the exposure of other less sensitive data. As such, the opt-in management element 206 may manage subscriber opt-in information, and may also initiate message-based or offline Web-based subscriber opt-in capabilities by contacting a subscriber 104 for opt-in permission and allowing the subscriber data to be exposed only if a subscriber opt-in rule is satisfied.
  • The selective exposure of subscriber data may also include subscriber authentication. For example, a confidence level score (e.g., 0 to 100%) may represent a confidence level that a subscriber (or other requesting entity) is who they claim to be. In one embodiment, the subscriber data management element 204 may determine a confidence level score for authenticating a subscriber 104 by accessing a voice call platform 214 that monitors biometric characteristics of the subscriber's voice (e.g., via a voice recognition algorithm), in combination with other factors, such as a device's current location. For example, if the device location is known to be the subscriber's home or work address, the confidence level score may increase. On the other hand, if the device shows recent unusual calling or location patterns this could lower the score, or prompt the subscriber data management element 204 to make one or more additional authentication requests, such as for a personal identification number (PIN), password or the like. While the preceding example is exemplary, it will be appreciated that a variety of techniques (e.g., neural networks, advanced metrics and the like) may be used to determine a confidence level score, or otherwise determine that a subscriber or other requesting entity is who they claim to be, for authentication purposes.
  • For ease of understanding, the platform 200 is described as comprising discrete elements performing discrete tasks. However, one skilled in the art will appreciate that the functions of one or more of the elements may be combined and/or performed by one or more consolidated elements, such as a processor in cooperation with memory. Further, a service provider 102 may wish to bundle the selective exposure of subscriber data with other services (e.g., legacy services such as toll-free and long distance applications). Therefore, it should be understood that one or more elements or functions of the platform 200 may be integrated into various elements or functions of a general application exposure platform 210.
  • FIG. 3 is a component diagram illustrating a subscriber data exposure platform according to an embodiment, wherein APIs 208 are exposed to a variety of third-party applications, such as enterprise applications 300 (e.g., call center platforms), mobile applications 302, and Web-based browsers and social networks 305.
  • In one embodiment, a mobile application 302 intercepts a call dialed from a mobile device 303 (e.g., a user equipment device such as a smart-phone) when subscriber opt-in is required before the call is connected. For example, a call directed to a customer 106 may be received at an API 208, and the subscriber data management element 204 may direct the mobile application 302 to present a graphical user interface (GUI) prompt asking whether the dialing subscriber wishes to opt-in to share data with the customer 106.
  • In another embodiment, certain trusted Web-based providers, such as browsers and social networks 305, may have a provider Web-based portal 304 for providing off-line customer services, such as authenticating subscribers. The platform 200 may include a portal integration module 306 for interfacing with a provider Web-based portal 304 to access subscriber authentication, new subscriber enrollment, off-line subscriber opt-in management and other capabilities in lieu of performing such operations internally. For example, a provider Web-based portal 304 may be allowed to opt-in for data exposure on behalf of a subscriber.
  • The platform 200 may also include a cache memory 308, such as for frequently exposed subscriber data that would typically be stored in the subscriber database 212. The cache memory 308 may be accessible for storing, pre-retrieving or reconstructing subscriber data 212 from one or more service providers 102 to avoid performance penalties during real-time data lookups. For example, new subscriber data and third-party application attributes may initially be stored in the cache memory 308 for increased speed and efficiency.
  • In another embodiment, when selected subscriber data from a particular service provider 102 is proprietary, or only a subset of subscriber data is available, the cache memory 308 may be accessible for reconstructing the unavailable, restricted or missing subscriber data from available data (e.g., a home time-zone update may be reconstructed based on a subscriber's known address).
  • FIG. 4 is a flowchart illustrating the operation of the subscriber data exposure platform according to an embodiment. At 400, the subscriber data management element 204 maintains subscriber data at a telecommunications service provider subscriber database protected by a service provider firewall, such as the subscriber database 212. At 402, the subscriber data management element 204 receives, via an application programming interface 208, a request to expose subscriber data to a third-party requestor (e.g., an enterprise application 300, mobile application 302, or Web-based provider 305). At 404, the subscriber data management element 204 determines selected subscriber data and a security condition associated with the request, wherein the security condition is based on an identity of the third-party requestor. Then, at 406, the subscriber data management element 204 retrieves the selected subscriber data (from the telecommunications service provider subscriber database 212 or cache memory 308) if the security condition is satisfied, and transmits the selected subscriber data to the third-party requestor at 408. For example, the subscriber data management element 204 may authenticate the third-party requestor to satisfy the security condition.
  • As mentioned above, the platform 200 includes one or more APIs 208 interfacing with third-party applications 202, and in the various embodiments, the APIs 208 may include any function that relates to subscriber data maintained by one or more service providers 102. FIG. 5 is a chart illustrating API functions according to an embodiment. For example, APIs 208 may include functions related to subscriber profile management (get/get all/create/modify/delete subscriber data), subscriber identification (authenticate voice or get authentication PIN), application management (create/get/update/delete application access, get all applications), device properties (get manufacturer/model/location), current call party attributes (secure caller ID, get confidence score/liveliness phrase/location, profile attributes (get current device user profile) or other features. One skilled in the art will note that the API functions of FIG. 5, while exemplary, are not exhaustive and that other API functions are possible.
  • FIGS. 6-12 are call-flow charts illustrating various API requests, including API requests that may require subscriber opt-in according to the various embodiments.
  • FIG. 6 is a call-flow chart for accessing subscriber profile attributes according to an embodiment. At 601, a subscriber calls an enterprise application 300 (e.g., an application running at a commercial bank) via a public exchange (PBX) network 600. The subscriber's call may be delivered to an agent, who may send a request for data associated with the calling subscriber to an API 208 at 602. At 603, the API 208 sends a “get profile attributes” request to the subscriber data management element 204, which accesses the opt-in management element 206 to determine whether subscriber opt-in is required at 604. If no opt-in is required, the subscriber data management element 204 determines and then retrieves the profile attributes from the cache memory 308 at 605, and transmits the profile attributes back to the API 208 at 606. The profile attributes are then forwarded via the API 208 to the enterprise application 300 at 607 for a screen update including the profile attributes at 608.
  • FIG. 7 is a call-flow chart for a voice call with no subscriber opt-in according to an embodiment. At 701, an enterprise application 300 sends a request to an API 208 for subscriber data to create a user profile. For example, the request may contain identification information for the API 208 to validate the subscriber at 702. If no subscriber with the specified identification is found (at 703), the API 208 may send a bad request indication to the enterprise application at 703 a. If the identification is valid, the API sends a “get profile” call to the subscriber data management element 204 at 704. The subscriber data management element 204 may then determine if a user profile exists. For example, if there is no user profile associated with the request, the API 208 creates a new guest user profile from a default user profile at 705 and sends a request to the subscriber data management element 204 to store the new profile in a database (e.g., cache memory 308) at 706. At 707, the API calls the subscriber data management element 204 to populate the opt-in rules for the user profile. The API 208 may then call the subscriber data management element 204 to determine and retrieve attribute values for the guest profile at 708 (repeating the logic at 707 and 708 for each attribute in the user profile). At 709, the API 208 sends the guest profile to the enterprise application 300, and the enterprise application 300 displays the attributes (e.g., for a customer service call with the subscriber) at 710.
  • FIG. 8 is a call-flow chart for an SMS message subscriber opt-in according to an embodiment. In one embodiment, a subscriber may call an enterprise, such as a bank, and the subscriber's call may be routed to a customer service agent running an enterprise application 300. For example, the enterprise application 300 may display a document associated with the subscriber (e.g., a loan application) to assist in processing the call. The document may then be populated based on subscriber data (billing address, language preference, etc.) retrieved from a service provider. For example, when the enterprise application 300 sends a request for a billing address to an API 208 at 801, the API 201 receives the request and calls the subscriber data management element 204 to get the billing address attribute at 802. When the subscriber data management element 204 determines the selected subscriber data for fulfilling the request, it accesses the opt-in management element 206 to determine if subscriber opt-in is required for any of the attributes at 803. For example, the opt-in management element 206 may respond by returning an opt-in list showing that one or more of the requested attributes require subscriber opt-in. In the event of a required subscriber opt-in, the subscriber data management element 204 may initially return an error message to the API 201 at 804, informing the API 208 (and the enterprise application 300) that the requested data is not allowed to be displayed. The enterprise application 300 may then send a request to obtain opt-in permission (805), and the API 208 may access the opt-in management element 206 to send an opt-in SMS message to the subscriber at 806. For example, the subscriber may be presented with an SMS or WAP opt-in message request to allow or deny the sharing of a list of data with the requesting enterprise. In one embodiment, as the SMS is sent and the response wait status is communicated by the API 208 to the enterprise application 300 at 808, a customer service agent in communication with the subscriber may assist the subscriber with the opt-in process. If the subscriber responds by opting-in (809), the opt-in management element 206 stores the subscriber's opt-in response at 810 and communicates the opt-in status to the API 208 at 811. Then, the subscriber data management element 204 may be called to retrieve the subscriber data associated with the request at 812, and transmit the data (via the API 208) to the enterprise application 300 at 813. The customer service agent may then refresh a display to receive the updated subscriber data at 814.
  • FIG. 9 is a call-flow chart for an SMS message subscriber opt-in according to another embodiment. At 901, the API 208 sends an opt-in request (e.g., device ID, application ID, attributes, etc.) to the opt-in management element 206. At 902, opt-in management element 206 may register to receive incoming SMS notifications (e.g., SMS messages corresponding to its short code) related to the request. The opt-in management element 206 may then create an SMS text request (e.g., “{applicationId} wants to see your {attribute} . . . {attribute}”) to be sent via a subscriber data management element 204 to the subscriber at 903-905, and the subscriber may respond, for example, by indicating “yes”, “no” or “never” at 906. When the subscriber responds at 907, the opt-in management element 206 receives notification from the subscriber data management element 204 (at 908) of the SMS message received at 909. In one embodiment, the opt-in management element 206 may start a timer with a predetermined expiration when the SMS is sent at 903 a. The timer will either stop at 910 when a response is received from the subscriber, or will time out at 912 if a response is not received. In either case, the opt-in management element 206 creates and records (e.g., in cache memory 308) an opt-in rule based on the SMS reply at 911 (if a response is received) or at 913 if the timer expires without a response. In one example, if the reply is ‘yes’, an opt-in rule value set to “read” may expire, and an ‘at’ rule value may be set to the (current time) +a determined expiration interval. If the reply is ‘no’, a rule value set to “invisible” may expire, and the ‘at’ rule value may be set to the (current time) +determined expiration interval. If the reply is “never”, the rule value may be set to “invisible”, and the ‘at’ value may be set to “never”.
  • FIG. 10 is a call-flow chart for a voice call with subscriber opt-in according to an embodiment. In one embodiment, the subscriber data management element 204 retrieves subscriber data in response to a request that are not visible by default and require subscriber opt-in. At 1001, an enterprise application 300 sends a request for subscriber data (e.g., GET context/app-party-view/{party Id}/attributes) to an API 208, and the API 208 validates the subscriber at 1002. For example, if the subscriber is determined to be invalid at 1003, the API 208 may send a “401 bad request” response at 1003 a. If the subscriber is valid, the API 208 calls the subscriber data management element 204 to determine if subscriber opt-in rules are associated with the request at 1004 (i.e., the subscriber data management element 204 retrieves the subscriber profile). If subscriber opt-in is required, the subscriber data management element 204 may access the opt-in management element 206 to execute an online opt-In process. For example, the API 208 may create a default profile at 1005 and call the subscriber data management element 204 to store the profile (without attribute values) at 1006. The API 208 may then call the subscriber data management element 204 to populate the opt-in rules at 1007 and/or retrieve attribute values from a service provider at 1008. In one embodiment, the opt-in management element 206 performs the opt-in process asynchronously. If the subscriber opts-in before the subscriber data management element 204 collects the opt-in attributes, the subscriber data management element 204 populates the response with a list of allowed attributes and their values and sends the response back to the enterprise application 300 (via the API 208) at 1009. The enterprise application 300 may then display the allowed attributes at 1010.
  • FIG. 11 is a call-flow chart for a portal opt-in according to an embodiment. In one embodiment, at 1101 an API 208 receives a request from an enterprise application 300 for a user profile (e.g., GET . . . /context/devices/{deviceId}/userProfiles . . . ). At 1102, the API 208 validates the subscriber. If no subscriber records match, a “401 bad Request” message is returned at 1103. At 1104, the API 208 calls the subscriber data management element 204 to determine if a subscriber profile and/or device identification exists for the subscriber. If there is no profile associated with the subscriber stored in the system, the API 208 may create a new guest profile from, for example, a default user profile at 1105 and call the subscriber data management element 204 to store the new profile at 1106. At 1107, the API 208 may call the subscriber data management element 204 to collect visible profile attributes from a service provider. In one embodiment, the subscriber data management element 204 may populate a response payload (e.g., an XML document) with a new user profile including the visible attributes and send the profile (1108) in an HTTP response to the enterprise application 300 (via the API 208) for a service provider portal to display the profile at 1109. At 1110, the subscriber may then change various default parameters and send the changes to the API 208 at 1111. The API 208 may then call the subscriber data management element 204 to store the updated profile at 1112 and the existing rules will be evaluated based on the new attribute values at 1113.
  • FIG. 12 is a call-flow chart illustrating a service provider request update opt-in according to an embodiment. In one embodiment, an enterprise application 300 sends a request to retrieve subscriber opt-in rules to an API 208 at 1201. The API 208 call the subscriber data management element 204 to retrieve the opt-in rules at 1202 and responds to the request at 1203. The enterprise application 300 may then display the rules at 1204, which a subscriber may update as desired. If the rules are updated, an update request may be sent to an API 208 at 1205 which contains at least one updated opt-in rule. At 1206, the API 208 calls the subscriber data management element 204 to update the opt-in rule, and send an SMS notification of the update to the subscriber at 1207. The API 208 then informs the enterprise application 300 of the update at 1208. The steps 1205-1208 may be repeated for each updated rule.
  • The above-described methods may be implemented on a computer using well-known computer processors, memory units, storage devices, computer software, and other components. A high-level block diagram of such a computer is illustrated in FIG. 13. Computer 1300 contains a processor 1310, which controls the overall operation of the computer 1300 by executing computer program instructions which define such operation. The computer program instructions may be stored in a storage device 1320 (e.g., magnetic disk) and loaded into memory 1330 when execution of the computer program instructions is desired. When processor-executable computer program instructions are implemented by the processor 1310, one or more program code segments of the computer program instructions may combine with the processor 1310 to provide a unique device that operates analogously to specific logic circuits. Thus, the steps of the method of FIGS. 4 and 6-12 may be defined by the computer program instructions stored in the memory 1330 and/or storage 1320 and controlled by the processor 1310 executing the computer program instructions. The computer 1300 may include one or more network interfaces 1340 for communicating with other devices via a network for implementing the steps of the method of FIGS. 4 and 6-12. The computer 1300 may also include other input/output devices 1350 that enable user interaction with the computer 1300 (e.g., display, keyboard, mouse, speakers, buttons, etc.). One skilled in the art will recognize that an implementation of an actual computer could contain other components as well, and that FIG. 13 is a high level representation of some of the components of such a computer for illustrative purposes.
  • The foregoing Detailed Description is to be understood as being in every respect illustrative and exemplary, but not restrictive, and the scope of the invention disclosed herein is not to be determined from the Detailed Description, but rather from the claims as interpreted according to the full breadth permitted by the patent laws. It is to be understood that the embodiments shown and described herein are only illustrative of the principles of the present invention and that various modifications may be implemented by those skilled in the art without departing from the scope and spirit of the invention. Those skilled in the art could implement various other feature combinations without departing from the scope and spirit of the invention.

Claims (20)

We claim:
1. A method comprising:
receiving a request from a third-party requestor to expose subscriber data;
determining a security condition associated with the third-party requestor;
determining a historical calling pattern and a historical location pattern of the third-party requestor for a selected time period;
requesting authentication information of the third-party requestor based on the historical calling pattern and the historical location pattern of the third-party requestor;
determining a confidence level score representing a confidence level in a represented identity of the third-party requestor based at least on the historical calling pattern, the historical location pattern, and the authentication information; and
transmitting the subscriber data to the third-party requestor based on the confidence level score satisfying a threshold confidence level score of the security condition.
2. The method of claim 1, further comprising:
responsive to the confidence level score not satisfying the threshold confidence level score, requesting additional authentication information of the third-party requestor so that the confidence level score satisfies the threshold confidence level score.
3. The method of claim 1, further comprising:
determining whether a subscriber opt-in rule is associated with the subscriber data; and
transmitting the subscriber data based on the subscriber opt-in rule being satisfied.
4. The method of claim 3, wherein the subscriber opt-in rule is satisfied based on a subscriber opt-in response.
5. The method of claim 1, further comprising:
determining whether at least some of the subscriber data includes sensitive subscriber data; and
in response to determining that at least some of the subscriber data includes sensitive subscriber data, transmitting the subscriber data based on a subscriber opt-in being satisfied.
6. The method of claim 1, further comprising:
pre-retrieving frequently exposed subscriber data; and
storing the frequently exposed subscriber data in cache memory.
7. The method of claim 1, wherein the subscriber data includes at least one of a subscriber profile, device property, and location data.
8. The method of claim 1, wherein the security condition comprises an authentication confidence indication.
9. The method of claim 1, further comprising receiving the request from at least one of a Web-based provider portal, an enterprise application, and a mobile application.
10. The method of claim 1, wherein at least a portion of the subscriber data is unavailable, the method further comprising:
generating at least a portion of the unavailable subscriber data based on available subscriber data.
11. An apparatus comprising:
an application programming interface configured to receive a request from a third-party requestor to expose subscriber data; and
a subscriber data management element configured to:
determine a security condition associated with the third-party requestor;
determine a historical calling pattern and a historical location pattern of the third-party requestor for a selected time period;
request authentication information of the third-party requestor based on the historical calling pattern and the historical location pattern of the third-party requestor;
determine a confidence level score representing a confidence level in a represented identity of the third-party requestor based at least on the historical calling pattern, the historical location pattern, and the authentication information; and
transmit the subscriber data to the third-party requestor based on the confidence level score satisfying a threshold confidence level score of the security condition.
12. The apparatus of claim 11, wherein the subscriber data management element is further configured to:
responsive to the confidence level score not satisfying the threshold confidence level score, requesting additional authentication information of the third-party requestor so that the confidence level score satisfies the threshold confidence level score.
13. The apparatus of claim 11, wherein the subscriber data management element is further configured to:
determine whether a subscriber opt-in rule is associated with the subscriber data; and
transmit the subscriber data based on the subscriber opt-in rule being satisfied.
14. The apparatus of claim 13, wherein the subscriber opt-in rule is satisfied based on a subscriber opt-in response.
15. The apparatus of claim 14, wherein the subscriber data management element is further configured to generate a new subscriber opt-in rule based on the subscriber opt-in response.
16. The apparatus of claim 11, wherein the subscriber data management element is further configured to:
determine whether at least some of the subscriber data includes sensitive subscriber data; and
in response to determining that at least some of the subscriber data includes sensitive subscriber data, transmit the subscriber data based on a subscriber opt-in being satisfied.
17. The apparatus of claim 11, wherein the subscriber data management element is further configured to:
pre-retrieve frequently exposed subscriber data; and
store the frequently exposed subscriber data in cache memory.
18. An article of manufacture including a non-transitory computer-readable medium having instructions stored thereon, that in response to execution by a computing device causes the computing device to perform operations comprising:
receiving a request from a third-party requestor to expose subscriber data;
determining a security condition associated with the third-party requestor;
determining a historical calling pattern and a historical location pattern of the third-party requestor for a selected time period;
requesting authentication information of the third-party requestor based on the historical calling pattern and the historical location pattern of the third-party requestor;
determining a confidence level score representing a confidence level in a represented identity of the third-party requestor based at least on the historical calling pattern, the historical location pattern, and the authentication information; and
transmitting the subscriber data to the third-party requestor based on the confidence level score satisfying a threshold confidence level score of the security condition.
19. The article of manufacture of claim 18, further comprising:
responsive to the confidence level score not satisfying the threshold confidence level score, requesting additional authentication information of the third-party requestor so that the confidence level score satisfies the threshold confidence level score.
20. The article of manufacture of claim 18, wherein at least a portion of the subscriber data is unavailable, the operations further comprising:
generating at least a portion of the unavailable subscriber data based on available subscriber data.
US14/628,782 2011-10-26 2015-02-23 Method for Selectively Exposing Subscriber Data Abandoned US20150163674A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US14/628,782 US20150163674A1 (en) 2011-10-26 2015-02-23 Method for Selectively Exposing Subscriber Data

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/282,009 US8990586B2 (en) 2011-10-26 2011-10-26 Method for selectively exposing subscriber data
US14/628,782 US20150163674A1 (en) 2011-10-26 2015-02-23 Method for Selectively Exposing Subscriber Data

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US13/282,009 Continuation US8990586B2 (en) 2011-10-26 2011-10-26 Method for selectively exposing subscriber data

Publications (1)

Publication Number Publication Date
US20150163674A1 true US20150163674A1 (en) 2015-06-11

Family

ID=47080868

Family Applications (2)

Application Number Title Priority Date Filing Date
US13/282,009 Expired - Fee Related US8990586B2 (en) 2011-10-26 2011-10-26 Method for selectively exposing subscriber data
US14/628,782 Abandoned US20150163674A1 (en) 2011-10-26 2015-02-23 Method for Selectively Exposing Subscriber Data

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US13/282,009 Expired - Fee Related US8990586B2 (en) 2011-10-26 2011-10-26 Method for selectively exposing subscriber data

Country Status (6)

Country Link
US (2) US8990586B2 (en)
EP (1) EP2772079A1 (en)
JP (1) JP6072051B2 (en)
KR (1) KR20140082732A (en)
CN (1) CN103907366A (en)
WO (1) WO2013062805A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220295598A1 (en) * 2017-06-23 2022-09-15 At&T Mobility Ii Llc Facilitating integrated management of connected assets that utilize different technologies and that are located across disparate wireless communications networks

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8825962B1 (en) * 2010-04-20 2014-09-02 Facebook, Inc. Push-based cache invalidation notification
WO2012177681A2 (en) * 2011-06-20 2012-12-27 Aces & Eights Corporation Systems and methods for digital forensic triage
US9495226B2 (en) * 2011-12-21 2016-11-15 Cbs Interactive Inc. Integration of client side applications into a fantasy open platform environment
US9596621B2 (en) * 2012-08-10 2017-03-14 Ibasis, Inc. Signaling traffic reduction in mobile communication systems
US9602949B2 (en) * 2013-12-11 2017-03-21 Capital One Financial Corporation Systems and methods for populating online applications using third party platforms
JP5943356B2 (en) * 2014-01-31 2016-07-05 インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation Information processing apparatus, information processing method, and program
US9270815B2 (en) * 2014-06-24 2016-02-23 At&T Intellectual Property I, Lp Method and apparatus for data management of third party services
US11062320B2 (en) 2017-10-19 2021-07-13 Capital One Services, Llc User account controls for online transactions
US20230297621A1 (en) * 2017-10-19 2023-09-21 Capital One Services, Llc Identifying merchant data associated with multiple data structures
US10353956B2 (en) 2017-10-19 2019-07-16 Capital One Services, Llc Identifying merchant data associated with multiple data structures
US11636225B2 (en) 2020-05-22 2023-04-25 The Toronto-Dominion Bank Method and system for managing access to entity identity data
US11677700B1 (en) * 2020-05-29 2023-06-13 Meta Platforms, Inc. Systems and methods for opt-in messaging
US11695772B1 (en) * 2022-05-03 2023-07-04 Capital One Services, Llc System and method for enabling multiple auxiliary use of an access token of a user by another entity to facilitate an action of the user

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030065844A1 (en) * 2001-09-28 2003-04-03 Lester Robert A. Method for improving processor performance
US20110033050A1 (en) * 2009-08-07 2011-02-10 Jay Maller Teired key communication system and method in support of controlled vendor message processing
US20110251807A1 (en) * 2009-01-26 2011-10-13 Geneva Cleantech Inc. Automatic detection of appliances

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5805674A (en) * 1995-01-26 1998-09-08 Anderson, Jr.; Victor C. Security arrangement and method for controlling access to a protected system
US20040193694A1 (en) 1999-11-10 2004-09-30 Randy Salo Application gateway systems
JP2002232605A (en) * 2001-01-29 2002-08-16 Toshiaki Muramatsu System for reducing subscriber communication charge communication network video advertisement viewing in next generation portable telephone terminal or the like
US6947897B2 (en) * 2001-02-13 2005-09-20 Capital One Financial Corporation System and method for managing consumer information
JP4132788B2 (en) * 2001-11-15 2008-08-13 三菱電機株式会社 Data communication device
US20030115203A1 (en) 2001-12-19 2003-06-19 Wendell Brown Subscriber data page for augmenting a subscriber connection with another party
US7010526B2 (en) * 2002-05-08 2006-03-07 International Business Machines Corporation Knowledge-based data mining system
CN100347687C (en) * 2003-03-18 2007-11-07 富士通株式会社 Information access control method, access control program, and external recording medium
US20050076198A1 (en) * 2003-10-02 2005-04-07 Apacheta Corporation Authentication system
JP4490218B2 (en) * 2004-09-16 2010-06-23 富士通株式会社 Direct mail transmission service method and transmission service system for multi-line subscribers
US8270590B2 (en) * 2006-06-15 2012-09-18 Alcatel Lucent User message delivery to calling party device
US9977827B2 (en) * 2007-03-30 2018-05-22 Innography, Inc. System and methods of automatic query generation
DE112008004045T5 (en) * 2008-10-22 2013-01-10 Hewlett-Packard Development Company, L.P. Method and system for providing authorizations of a recording device by means of a biometric evaluation
US8255288B1 (en) * 2009-02-03 2012-08-28 Amazon Technologies, Inc. High demand sale processing
US20110238483A1 (en) * 2010-03-29 2011-09-29 Boku, Inc. Systems and Methods to Distribute and Redeem Offers

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030065844A1 (en) * 2001-09-28 2003-04-03 Lester Robert A. Method for improving processor performance
US20110251807A1 (en) * 2009-01-26 2011-10-13 Geneva Cleantech Inc. Automatic detection of appliances
US20110033050A1 (en) * 2009-08-07 2011-02-10 Jay Maller Teired key communication system and method in support of controlled vendor message processing

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220295598A1 (en) * 2017-06-23 2022-09-15 At&T Mobility Ii Llc Facilitating integrated management of connected assets that utilize different technologies and that are located across disparate wireless communications networks

Also Published As

Publication number Publication date
WO2013062805A1 (en) 2013-05-02
EP2772079A1 (en) 2014-09-03
JP6072051B2 (en) 2017-02-01
US8990586B2 (en) 2015-03-24
CN103907366A (en) 2014-07-02
KR20140082732A (en) 2014-07-02
JP2014533016A (en) 2014-12-08
US20130109348A1 (en) 2013-05-02

Similar Documents

Publication Publication Date Title
US8990586B2 (en) Method for selectively exposing subscriber data
US20070198725A1 (en) System and method for utilizing contact information, presence information and device activity
EP2122976B1 (en) Systems and methods for caller identification customization and remote management of communication devices
US7647283B2 (en) Method, system, and computer program product for adaptively learning user preferences for smart services
US10402585B2 (en) Management of privacy policies
US10154099B2 (en) Method, system, and computer program product for delivering smart services
US20130111545A1 (en) Privacy Management for Subscriber Data
WO2006042066A1 (en) System and method for utilizing contact information, presence information and device activity
US8145581B2 (en) Method, system, and computer program product for delivering smart services
US9794350B2 (en) Managing presence in communications systems
WO2023064562A1 (en) Trust relationships to share client assets among client accounts in a software as a service platform
US10616293B1 (en) Multiple account binding
US8490202B2 (en) Method for masking data
US11537736B2 (en) System for detecting anomalous access to tables
KR20170140751A (en) System and Method for Confirm Transaction by using Dual Channel

Legal Events

Date Code Title Description
AS Assignment

Owner name: ALCATEL-LUCENT USA INC., NEW JERSEY

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:SHARMA, ALOK;CAI, YIGANG;REEL/FRAME:035454/0864

Effective date: 20110922

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION